Exploitation Summary
EIP tracks 17 public exploits for CVE-2025-58434. PoCs published by andersoncezar048, 0xDaeras, kartik2005221. A Nuclei detection template is also available.
AI-analyzed exploit summary: This exploit demonstrates an authentication bypass in FlowiseAI < 3.0.5 by leveraging the password reset functionality without proper token validation. It sends a crafted request to reset the password of a registered user, effectively allowing unauthorized password changes.
Description
Flowise is a drag & drop user interface to build a customized large language model flow. In version 3.0.5 and earlier, the `forgot-password` endpoint in Flowise returns sensitive information, including a valid password reset `tempToken`, without authentication or verification. This enables any attacker to generate a reset token for arbitrary users and directly reset their password, leading to a complete account takeover (ATO). This vulnerability applies to both the cloud service (`cloud.flowiseai.com`) and self-hosted/local Flowise deployments that expose the same API. Commit 9e178d68873eb876073846433a596590d3d9c863 in version 3.0.6 secures the password reset endpoints.

Recommended remediation steps:
- Do not return reset tokens or sensitive account details in API responses; tokens must only be delivered securely via the registered email channel.
- Ensure `forgot-password` responds with a generic success message regardless of input, to avoid user enumeration.
- Require strong validation of the `tempToken` (e.g., single-use, short expiry, tied to request origin, validated against email delivery).
- Apply the same fixes to both cloud and self-hosted/local deployments.
- Log and monitor password reset requests for suspicious activity.
- Consider multi-factor verification for sensitive accounts.
Exploits (17)
This exploit demonstrates an authentication bypass in FlowiseAI < 3.0.5 by leveraging the password reset functionality without proper token validation. It sends a crafted request to reset the password of a registered user, effectively allowing unauthorized password changes.
This repository contains a functional Python exploit for chaining two Flowise vulnerabilities: CVE-2025-58434 (account takeover via exposed password reset tokens) and CVE-2025-59528 (RCE via unsafe JavaScript evaluation in the CustomMCP node). The exploit supports full attack chain execution, including vulnerability checks, account takeover, login, and authenticated RCE.
This repository contains a functional Python exploit for chaining two Flowise vulnerabilities: CVE-2025-58434 (account takeover via exposed password reset tokens) and CVE-2025-59528 (RCE via unsafe JavaScript evaluation in the CustomMCP node). The exploit supports full attack chain execution, including vulnerability checks, account takeover, login, and authenticated RCE.
This repository contains a functional Python exploit for CVE-2025-58434, which leverages a token disclosure vulnerability in Flowise's forgot-password endpoint to achieve account takeover. The PoC automates the process of fetching a password reset token and resetting the victim's password without email verification.
This is a detailed technical writeup for the HackTheBox machine 'Silentium', which chains three CVEs (CVE-2025-58434, CVE-2025-59528, and CVE-2025-8110) to achieve full system compromise. It includes step-by-step exploitation details, code snippets, and technical analysis of each vulnerability.
The repository contains a functional Python script that exploits CVE-2025-58434, allowing unauthenticated password resets in Flowise versions 3.0.5 and below due to token leakage. The script automates the process of requesting a password reset and setting a new password for a target user.
This repository provides a detailed technical analysis of CVE-2025-58434, an account takeover vulnerability in Flowise. The root cause is the exposure of password reset tokens in HTTP responses, allowing unauthenticated attackers to reset passwords and take over accounts.
This repository contains a functional Python PoC for CVE-2025-58434, which exploits a vulnerability in the `/api/v1/account/forgot-password` endpoint. The script sends a crafted POST request with a JSON payload containing an email address, demonstrating the vulnerability.
The repository contains a functional Python exploit for CVE-2025-58434, which allows unauthenticated attackers to reset passwords in Flowise by abusing the `/api/v1/account/forgot-password` endpoint to obtain a valid `tempToken` and immediately reuse it to reset the password without verification.
This repository contains a functional Python exploit for CVE-2025-58434, demonstrating an unauthenticated password reset vulnerability in Flowise AI <= 3.0.5 due to leaked temporary tokens in API responses.
This repository contains a functional exploit script that chains two CVEs (CVE-2025-58434 and CVE-2025-59528) to achieve remote code execution on Flowise. The script automates account takeover via a password reset vulnerability and then executes arbitrary commands via a custom MCP node.
This repository contains a functional exploit PoC for CVE-2025-58434 (account takeover) and CVE-2025-59528 (RCE) in Flowise, demonstrating a full attack chain from unauthenticated access to remote code execution.
This repository contains a functional exploit chain for CVE-2025-58434 and CVE-2025-59528, targeting the Silentium HTB machine. It includes a user enumeration script (Bash) and an RCE exploit (Python) that injects malicious JavaScript into a Node.js endpoint to spawn a reverse shell.
The repository contains only a vague README with no technical details or exploit code, instructing users to replace a placeholder domain. This is characteristic of a social engineering lure.
This repository contains a functional exploit chain for CVE-2025-58434 (unauthenticated account takeover via password reset token disclosure) and CVE-2025-59528 (authenticated remote code execution via CustomMCP node JS injection) affecting Flowise <= 3.0.5. The Python script automates the full exploit chain, including password reset, API key retrieval, and command execution or reverse shell setup.
This repository contains a functional exploit for CVE-2025-58434, targeting Flowise versions below 3.0.5. The exploit chains account takeover via password reset with remote code execution through a crafted payload in the 'customMCP' endpoint.
This repository contains a functional exploit chain for CVE-2025-58434 (unauthenticated account takeover via password reset token disclosure) and CVE-2025-59528 (authenticated remote code execution via JS injection in the CustomMCP node). The Python script automates the full attack chain, including password reset, API key retrieval, and command execution or reverse shell setup.
Nuclei Templates (1)
http.title:"Flowise - Build AI Agents, Visually"
References (2)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H